package com.huatai.monitoring.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

/**
 * @program: ht-system
 * @description: 安全配置
 * @author: songxiude
 * @create: 2023-11-10 10:20
 **/
@Configuration
public class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
	private String adminContextPath;

	public AdminSecurityConfig(AdminServerProperties adminServerProperties) {
		//上下文的处理路径
		this.adminContextPath = adminServerProperties.getContextPath();
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
		successHandler.setTargetUrlParameter("redirectTo");
		http.authorizeRequests()
			.antMatchers(this.adminContextPath+"/assets/**").permitAll()
			.antMatchers(this.adminContextPath+"/login").permitAll()
			.anyRequest().authenticated()
			.and().formLogin().loginPage(this.adminContextPath+"/login")
			.successHandler(successHandler)
			.and().logout().logoutUrl(this.adminContextPath+"/logout")
			.and().httpBasic().and().csrf().disable();
	}
}
